chore: Update discovery artifacts (#1603)
## Deleted keys were detected in the following stable discovery artifacts:
containeranalysis v1 https://github.com/googleapis/google-api-python-client/commit/618985bd0fa3f0380152e8d33e3b30ba465e1f2d
documentai v1 https://github.com/googleapis/google-api-python-client/commit/3ba31828b05604eaa23101d681354b39c75d712d
recaptchaenterprise v1 https://github.com/googleapis/google-api-python-client/commit/ff95700fce7de8bc2a58be64890740140532f865
## Deleted keys were detected in the following pre-stable discovery artifacts:
containeranalysis v1alpha1 https://github.com/googleapis/google-api-python-client/commit/618985bd0fa3f0380152e8d33e3b30ba465e1f2d
containeranalysis v1beta1 https://github.com/googleapis/google-api-python-client/commit/618985bd0fa3f0380152e8d33e3b30ba465e1f2d
documentai v1beta3 https://github.com/googleapis/google-api-python-client/commit/3ba31828b05604eaa23101d681354b39c75d712d
## Discovery Artifact Change Summary:
feat(bigtableadmin): update the api https://github.com/googleapis/google-api-python-client/commit/be7ffcca66cdcb1dfcd9849538772914c90b3ea0
feat(chromemanagement): update the api https://github.com/googleapis/google-api-python-client/commit/59c97996091063cdad497be989d168ec1e71a178
feat(cloudasset): update the api https://github.com/googleapis/google-api-python-client/commit/60f5758b975a9bbac044b9005601c5c026125137
feat(cloudfunctions): update the api https://github.com/googleapis/google-api-python-client/commit/c517033bea4e84d1c118f77df38e2f33b3741ec2
feat(contactcenterinsights): update the api https://github.com/googleapis/google-api-python-client/commit/9ac9faa70c053fd1f5b2de7b6ef5947a04270dba
feat(containeranalysis): update the api https://github.com/googleapis/google-api-python-client/commit/618985bd0fa3f0380152e8d33e3b30ba465e1f2d
feat(datapipelines): update the api https://github.com/googleapis/google-api-python-client/commit/a39bb0f9b41255adf6c790130931f64a153ac0e8
feat(datastore): update the api https://github.com/googleapis/google-api-python-client/commit/5050adbdc30c4247e2454a7e063c7f7ea2724bc0
feat(dialogflow): update the api https://github.com/googleapis/google-api-python-client/commit/fd46c128ec3d0679283e3cddb1c40eb8b5f3728a
feat(documentai): update the api https://github.com/googleapis/google-api-python-client/commit/3ba31828b05604eaa23101d681354b39c75d712d
feat(drive): update the api https://github.com/googleapis/google-api-python-client/commit/b1840b06a09ec22db69d757706aa98d2bf536a49
feat(file): update the api https://github.com/googleapis/google-api-python-client/commit/b13a2490844c5c84c42e26c7e5bafdf700e689df
feat(gkehub): update the api https://github.com/googleapis/google-api-python-client/commit/37cce48342813c865a2704ca06841f1801ebb60c
feat(healthcare): update the api https://github.com/googleapis/google-api-python-client/commit/8d1f955971aae9e0e4b7956906e43382fcf57d20
feat(metastore): update the api https://github.com/googleapis/google-api-python-client/commit/9c90df783a1fac104920100158ddb7c88d461545
feat(monitoring): update the api https://github.com/googleapis/google-api-python-client/commit/bf890b636ae02bb1d84e050df052fa341a29a4c1
feat(mybusinessbusinessinformation): update the api https://github.com/googleapis/google-api-python-client/commit/90e206c145790d0f9a78bbd7acb2667796868db7
feat(paymentsresellersubscription): update the api https://github.com/googleapis/google-api-python-client/commit/c8796544acc40e330276b7777c728782217b1bb4
feat(recaptchaenterprise): update the api https://github.com/googleapis/google-api-python-client/commit/ff95700fce7de8bc2a58be64890740140532f865
feat(recommender): update the api https://github.com/googleapis/google-api-python-client/commit/d85fe38478c2cb56b3694e6890f6d53c367e057d
feat(securitycenter): update the api https://github.com/googleapis/google-api-python-client/commit/35a6d4e716f26c77b3588f28d3097871a29dea7e
feat(speech): update the api https://github.com/googleapis/google-api-python-client/commit/13f1bcb6311e0ea11ad60a29713c1a0a1fe22f42
feat(sqladmin): update the api https://github.com/googleapis/google-api-python-client/commit/770bc14b5f95b525bd04e40378a718a38ac31a0d
feat(tpu): update the api https://github.com/googleapis/google-api-python-client/commit/ea30e3a05539e4de70e385a34490153f32c16789
feat(vmmigration): update the api https://github.com/googleapis/google-api-python-client/commit/80e20909242c4bde06b8adc3afecf1141be34f45
diff --git a/docs/dyn/securitycenter_v1.projects.sources.findings.html b/docs/dyn/securitycenter_v1.projects.sources.findings.html
index 9621942..d5c9ff8 100644
--- a/docs/dyn/securitycenter_v1.projects.sources.findings.html
+++ b/docs/dyn/securitycenter_v1.projects.sources.findings.html
@@ -75,6 +75,11 @@
<h1><a href="securitycenter_v1.html">Security Command Center API</a> . <a href="securitycenter_v1.projects.html">projects</a> . <a href="securitycenter_v1.projects.sources.html">sources</a> . <a href="securitycenter_v1.projects.sources.findings.html">findings</a></h1>
<h2>Instance Methods</h2>
<p class="toc_element">
+ <code><a href="securitycenter_v1.projects.sources.findings.externalSystems.html">externalSystems()</a></code>
+</p>
+<p class="firstline">Returns the externalSystems Resource.</p>
+
+<p class="toc_element">
<code><a href="#close">close()</a></code></p>
<p class="firstline">Close httplib2 connections.</p>
<p class="toc_element">
@@ -93,6 +98,9 @@
<code><a href="#patch">patch(name, body=None, updateMask=None, x__xgafv=None)</a></code></p>
<p class="firstline">Creates or updates a finding. The corresponding source must exist for a finding creation to succeed.</p>
<p class="toc_element">
+ <code><a href="#setMute">setMute(name, body=None, x__xgafv=None)</a></code></p>
+<p class="firstline">Updates the mute state of a finding.</p>
+<p class="toc_element">
<code><a href="#setState">setState(name, body=None, x__xgafv=None)</a></code></p>
<p class="firstline">Updates the state of a finding.</p>
<p class="toc_element">
@@ -188,6 +196,17 @@
"category": "A String", # The additional taxonomy group within findings from a given source. This field is immutable after creation time. Example: "XSS_FLASH_INJECTION"
"createTime": "A String", # The time at which the finding was created in Security Command Center.
"eventTime": "A String", # The time at which the event took place, or when an update to the finding occurred. For example, if the finding represents an open firewall it would capture the time the detector believes the firewall became open. The accuracy is determined by the detector. If the finding were to be resolved afterward, this time would reflect when the finding was resolved. Must not be set to a value greater than the current timestamp.
+ "externalSystems": { # Output only. Third party SIEM/SOAR fields within SCC, contains external system information and external system finding fields.
+ "a_key": { # Representation of third party SIEM/SOAR fields within SCC.
+ "assignees": [ # References primary/secondary etc assignees in the external system.
+ "A String",
+ ],
+ "externalSystemUpdateTime": "A String", # The most recent time when the corresponding finding's ticket/tracker was updated in the external system.
+ "externalUid": "A String", # Identifier that's used to track the given finding in the external system.
+ "name": "A String", # External System Name e.g. jira, demisto, etc. e.g.: organizations/1234/sources/5678/findings/123456/externalSystems/jira folders/1234/sources/5678/findings/123456/externalSystems/jira projects/1234/sources/5678/findings/123456/externalSystems/jira
+ "status": "A String", # Most recent status of the corresponding finding's ticket/tracker in the external system.
+ },
+ },
"externalUri": "A String", # The URI that, if available, points to a web page outside of Security Command Center where additional information about the finding can be found. This field is guaranteed to be either empty or a well formed URL.
"findingClass": "A String", # The class of the finding.
"indicator": { # Represents what's commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise # Represents what's commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise
@@ -198,6 +217,9 @@
"A String",
],
},
+ "mute": "A String", # Indicates the mute state of a finding (either unspecified, muted, unmuted or undefined).
+ "muteInitiator": "A String", # First known as mute_annotation. Records additional information about the mute operation e.g. mute config that muted the finding, user who muted the finding, etc.
+ "muteUpdateTime": "A String", # Output only. The most recent time this finding was muted or unmuted.
"name": "A String", # The relative resource name of this finding. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}"
"parent": "A String", # The relative resource name of the source the finding belongs to. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name This field is immutable after creation time. For example: "organizations/{organization_id}/sources/{source_id}"
"resourceName": "A String", # For findings on Google Cloud resources, the full resource name of the Google Cloud resource this finding is for. See: https://cloud.google.com/apis/design/resource_names#full_resource_name When the finding is for a non-Google Cloud resource, the resourceName can be a customer or partner defined string. This field is immutable after creation time.
@@ -288,6 +310,17 @@
"category": "A String", # The additional taxonomy group within findings from a given source. This field is immutable after creation time. Example: "XSS_FLASH_INJECTION"
"createTime": "A String", # The time at which the finding was created in Security Command Center.
"eventTime": "A String", # The time at which the event took place, or when an update to the finding occurred. For example, if the finding represents an open firewall it would capture the time the detector believes the firewall became open. The accuracy is determined by the detector. If the finding were to be resolved afterward, this time would reflect when the finding was resolved. Must not be set to a value greater than the current timestamp.
+ "externalSystems": { # Output only. Third party SIEM/SOAR fields within SCC, contains external system information and external system finding fields.
+ "a_key": { # Representation of third party SIEM/SOAR fields within SCC.
+ "assignees": [ # References primary/secondary etc assignees in the external system.
+ "A String",
+ ],
+ "externalSystemUpdateTime": "A String", # The most recent time when the corresponding finding's ticket/tracker was updated in the external system.
+ "externalUid": "A String", # Identifier that's used to track the given finding in the external system.
+ "name": "A String", # External System Name e.g. jira, demisto, etc. e.g.: organizations/1234/sources/5678/findings/123456/externalSystems/jira folders/1234/sources/5678/findings/123456/externalSystems/jira projects/1234/sources/5678/findings/123456/externalSystems/jira
+ "status": "A String", # Most recent status of the corresponding finding's ticket/tracker in the external system.
+ },
+ },
"externalUri": "A String", # The URI that, if available, points to a web page outside of Security Command Center where additional information about the finding can be found. This field is guaranteed to be either empty or a well formed URL.
"findingClass": "A String", # The class of the finding.
"indicator": { # Represents what's commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise # Represents what's commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise
@@ -298,6 +331,9 @@
"A String",
],
},
+ "mute": "A String", # Indicates the mute state of a finding (either unspecified, muted, unmuted or undefined).
+ "muteInitiator": "A String", # First known as mute_annotation. Records additional information about the mute operation e.g. mute config that muted the finding, user who muted the finding, etc.
+ "muteUpdateTime": "A String", # Output only. The most recent time this finding was muted or unmuted.
"name": "A String", # The relative resource name of this finding. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}"
"parent": "A String", # The relative resource name of the source the finding belongs to. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name This field is immutable after creation time. For example: "organizations/{organization_id}/sources/{source_id}"
"resourceName": "A String", # For findings on Google Cloud resources, the full resource name of the Google Cloud resource this finding is for. See: https://cloud.google.com/apis/design/resource_names#full_resource_name When the finding is for a non-Google Cloud resource, the resourceName can be a customer or partner defined string. This field is immutable after creation time.
@@ -351,6 +387,17 @@
"category": "A String", # The additional taxonomy group within findings from a given source. This field is immutable after creation time. Example: "XSS_FLASH_INJECTION"
"createTime": "A String", # The time at which the finding was created in Security Command Center.
"eventTime": "A String", # The time at which the event took place, or when an update to the finding occurred. For example, if the finding represents an open firewall it would capture the time the detector believes the firewall became open. The accuracy is determined by the detector. If the finding were to be resolved afterward, this time would reflect when the finding was resolved. Must not be set to a value greater than the current timestamp.
+ "externalSystems": { # Output only. Third party SIEM/SOAR fields within SCC, contains external system information and external system finding fields.
+ "a_key": { # Representation of third party SIEM/SOAR fields within SCC.
+ "assignees": [ # References primary/secondary etc assignees in the external system.
+ "A String",
+ ],
+ "externalSystemUpdateTime": "A String", # The most recent time when the corresponding finding's ticket/tracker was updated in the external system.
+ "externalUid": "A String", # Identifier that's used to track the given finding in the external system.
+ "name": "A String", # External System Name e.g. jira, demisto, etc. e.g.: organizations/1234/sources/5678/findings/123456/externalSystems/jira folders/1234/sources/5678/findings/123456/externalSystems/jira projects/1234/sources/5678/findings/123456/externalSystems/jira
+ "status": "A String", # Most recent status of the corresponding finding's ticket/tracker in the external system.
+ },
+ },
"externalUri": "A String", # The URI that, if available, points to a web page outside of Security Command Center where additional information about the finding can be found. This field is guaranteed to be either empty or a well formed URL.
"findingClass": "A String", # The class of the finding.
"indicator": { # Represents what's commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise # Represents what's commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise
@@ -361,6 +408,99 @@
"A String",
],
},
+ "mute": "A String", # Indicates the mute state of a finding (either unspecified, muted, unmuted or undefined).
+ "muteInitiator": "A String", # First known as mute_annotation. Records additional information about the mute operation e.g. mute config that muted the finding, user who muted the finding, etc.
+ "muteUpdateTime": "A String", # Output only. The most recent time this finding was muted or unmuted.
+ "name": "A String", # The relative resource name of this finding. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}"
+ "parent": "A String", # The relative resource name of the source the finding belongs to. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name This field is immutable after creation time. For example: "organizations/{organization_id}/sources/{source_id}"
+ "resourceName": "A String", # For findings on Google Cloud resources, the full resource name of the Google Cloud resource this finding is for. See: https://cloud.google.com/apis/design/resource_names#full_resource_name When the finding is for a non-Google Cloud resource, the resourceName can be a customer or partner defined string. This field is immutable after creation time.
+ "securityMarks": { # User specified security marks that are attached to the parent Security Command Center resource. Security marks are scoped within a Security Command Center organization -- they can be modified and viewed by all users who have proper permissions on the organization. # Output only. User specified security marks. These marks are entirely managed by the user and come from the SecurityMarks resource that belongs to the finding.
+ "canonicalName": "A String", # The canonical name of the marks. Examples: "organizations/{organization_id}/assets/{asset_id}/securityMarks" "folders/{folder_id}/assets/{asset_id}/securityMarks" "projects/{project_number}/assets/{asset_id}/securityMarks" "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}/securityMarks" "folders/{folder_id}/sources/{source_id}/findings/{finding_id}/securityMarks" "projects/{project_number}/sources/{source_id}/findings/{finding_id}/securityMarks"
+ "marks": { # Mutable user specified security marks belonging to the parent resource. Constraints are as follows: * Keys and values are treated as case insensitive * Keys must be between 1 - 256 characters (inclusive) * Keys must be letters, numbers, underscores, or dashes * Values have leading and trailing whitespace trimmed, remaining characters must be between 1 - 4096 characters (inclusive)
+ "a_key": "A String",
+ },
+ "name": "A String", # The relative resource name of the SecurityMarks. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Examples: "organizations/{organization_id}/assets/{asset_id}/securityMarks" "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}/securityMarks".
+ },
+ "severity": "A String", # The severity of the finding. This field is managed by the source that writes the finding.
+ "sourceProperties": { # Source specific properties. These properties are managed by the source that writes the finding. The key names in the source_properties map must be between 1 and 255 characters, and must start with a letter and contain alphanumeric characters or underscores only.
+ "a_key": "",
+ },
+ "state": "A String", # The state of the finding.
+ "vulnerability": { # Refers to common vulnerability fields e.g. cve, cvss, cwe etc. # Represents vulnerability specific fields like cve, cvss scores etc. CVE stands for Common Vulnerabilities and Exposures (https://cve.mitre.org/about/)
+ "cve": { # CVE stands for Common Vulnerabilities and Exposures. More information: https://cve.mitre.org # CVE stands for Common Vulnerabilities and Exposures (https://cve.mitre.org/about/)
+ "cvssv3": { # Common Vulnerability Scoring System version 3. # Describe Common Vulnerability Scoring System specified at https://www.first.org/cvss/v3.1/specification-document
+ "attackComplexity": "A String", # This metric describes the conditions beyond the attacker's control that must exist in order to exploit the vulnerability.
+ "attackVector": "A String", # Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. This metric reflects the context by which vulnerability exploitation is possible.
+ "availabilityImpact": "A String", # This metric measures the impact to the availability of the impacted component resulting from a successfully exploited vulnerability.
+ "baseScore": 3.14, # The base score is a function of the base metric scores.
+ "confidentialityImpact": "A String", # This metric measures the impact to the confidentiality of the information resources managed by a software component due to a successfully exploited vulnerability.
+ "integrityImpact": "A String", # This metric measures the impact to integrity of a successfully exploited vulnerability.
+ "privilegesRequired": "A String", # This metric describes the level of privileges an attacker must possess before successfully exploiting the vulnerability.
+ "scope": "A String", # The Scope metric captures whether a vulnerability in one vulnerable component impacts resources in components beyond its security scope.
+ "userInteraction": "A String", # This metric captures the requirement for a human user, other than the attacker, to participate in the successful compromise of the vulnerable component.
+ },
+ "id": "A String", # The unique identifier for the vulnerability. e.g. CVE-2021-34527
+ "references": [ # Additional information about the CVE. e.g. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34527
+ { # Additional Links
+ "source": "A String", # Source of the reference e.g. NVD
+ "uri": "A String", # Uri for the mentioned source e.g. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34527.
+ },
+ ],
+ },
+ },
+}</pre>
+</div>
+
+<div class="method">
+ <code class="details" id="setMute">setMute(name, body=None, x__xgafv=None)</code>
+ <pre>Updates the mute state of a finding.
+
+Args:
+ name: string, Required. The relative resource name of the finding. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/sources/{source_id}/finding/{finding_id}", "folders/{folder_id}/sources/{source_id}/finding/{finding_id}", "projects/{project_id}/sources/{source_id}/finding/{finding_id}". (required)
+ body: object, The request body.
+ The object takes the form of:
+
+{ # Request message for updating a finding's mute status.
+ "mute": "A String", # Required. The desired state of the Mute.
+}
+
+ x__xgafv: string, V1 error format.
+ Allowed values
+ 1 - v1 error format
+ 2 - v2 error format
+
+Returns:
+ An object of the form:
+
+ { # Security Command Center finding. A finding is a record of assessment data like security, risk, health, or privacy, that is ingested into Security Command Center for presentation, notification, analysis, policy testing, and enforcement. For example, a cross-site scripting (XSS) vulnerability in an App Engine application is a finding.
+ "canonicalName": "A String", # The canonical name of the finding. It's either "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}", "folders/{folder_id}/sources/{source_id}/findings/{finding_id}" or "projects/{project_number}/sources/{source_id}/findings/{finding_id}", depending on the closest CRM ancestor of the resource associated with the finding.
+ "category": "A String", # The additional taxonomy group within findings from a given source. This field is immutable after creation time. Example: "XSS_FLASH_INJECTION"
+ "createTime": "A String", # The time at which the finding was created in Security Command Center.
+ "eventTime": "A String", # The time at which the event took place, or when an update to the finding occurred. For example, if the finding represents an open firewall it would capture the time the detector believes the firewall became open. The accuracy is determined by the detector. If the finding were to be resolved afterward, this time would reflect when the finding was resolved. Must not be set to a value greater than the current timestamp.
+ "externalSystems": { # Output only. Third party SIEM/SOAR fields within SCC, contains external system information and external system finding fields.
+ "a_key": { # Representation of third party SIEM/SOAR fields within SCC.
+ "assignees": [ # References primary/secondary etc assignees in the external system.
+ "A String",
+ ],
+ "externalSystemUpdateTime": "A String", # The most recent time when the corresponding finding's ticket/tracker was updated in the external system.
+ "externalUid": "A String", # Identifier that's used to track the given finding in the external system.
+ "name": "A String", # External System Name e.g. jira, demisto, etc. e.g.: organizations/1234/sources/5678/findings/123456/externalSystems/jira folders/1234/sources/5678/findings/123456/externalSystems/jira projects/1234/sources/5678/findings/123456/externalSystems/jira
+ "status": "A String", # Most recent status of the corresponding finding's ticket/tracker in the external system.
+ },
+ },
+ "externalUri": "A String", # The URI that, if available, points to a web page outside of Security Command Center where additional information about the finding can be found. This field is guaranteed to be either empty or a well formed URL.
+ "findingClass": "A String", # The class of the finding.
+ "indicator": { # Represents what's commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise # Represents what's commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise
+ "domains": [ # List of domains associated to the Finding.
+ "A String",
+ ],
+ "ipAddresses": [ # List of ip addresses associated to the Finding.
+ "A String",
+ ],
+ },
+ "mute": "A String", # Indicates the mute state of a finding (either unspecified, muted, unmuted or undefined).
+ "muteInitiator": "A String", # First known as mute_annotation. Records additional information about the mute operation e.g. mute config that muted the finding, user who muted the finding, etc.
+ "muteUpdateTime": "A String", # Output only. The most recent time this finding was muted or unmuted.
"name": "A String", # The relative resource name of this finding. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}"
"parent": "A String", # The relative resource name of the source the finding belongs to. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name This field is immutable after creation time. For example: "organizations/{organization_id}/sources/{source_id}"
"resourceName": "A String", # For findings on Google Cloud resources, the full resource name of the Google Cloud resource this finding is for. See: https://cloud.google.com/apis/design/resource_names#full_resource_name When the finding is for a non-Google Cloud resource, the resourceName can be a customer or partner defined string. This field is immutable after creation time.
@@ -428,6 +568,17 @@
"category": "A String", # The additional taxonomy group within findings from a given source. This field is immutable after creation time. Example: "XSS_FLASH_INJECTION"
"createTime": "A String", # The time at which the finding was created in Security Command Center.
"eventTime": "A String", # The time at which the event took place, or when an update to the finding occurred. For example, if the finding represents an open firewall it would capture the time the detector believes the firewall became open. The accuracy is determined by the detector. If the finding were to be resolved afterward, this time would reflect when the finding was resolved. Must not be set to a value greater than the current timestamp.
+ "externalSystems": { # Output only. Third party SIEM/SOAR fields within SCC, contains external system information and external system finding fields.
+ "a_key": { # Representation of third party SIEM/SOAR fields within SCC.
+ "assignees": [ # References primary/secondary etc assignees in the external system.
+ "A String",
+ ],
+ "externalSystemUpdateTime": "A String", # The most recent time when the corresponding finding's ticket/tracker was updated in the external system.
+ "externalUid": "A String", # Identifier that's used to track the given finding in the external system.
+ "name": "A String", # External System Name e.g. jira, demisto, etc. e.g.: organizations/1234/sources/5678/findings/123456/externalSystems/jira folders/1234/sources/5678/findings/123456/externalSystems/jira projects/1234/sources/5678/findings/123456/externalSystems/jira
+ "status": "A String", # Most recent status of the corresponding finding's ticket/tracker in the external system.
+ },
+ },
"externalUri": "A String", # The URI that, if available, points to a web page outside of Security Command Center where additional information about the finding can be found. This field is guaranteed to be either empty or a well formed URL.
"findingClass": "A String", # The class of the finding.
"indicator": { # Represents what's commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise # Represents what's commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise
@@ -438,6 +589,9 @@
"A String",
],
},
+ "mute": "A String", # Indicates the mute state of a finding (either unspecified, muted, unmuted or undefined).
+ "muteInitiator": "A String", # First known as mute_annotation. Records additional information about the mute operation e.g. mute config that muted the finding, user who muted the finding, etc.
+ "muteUpdateTime": "A String", # Output only. The most recent time this finding was muted or unmuted.
"name": "A String", # The relative resource name of this finding. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}"
"parent": "A String", # The relative resource name of the source the finding belongs to. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name This field is immutable after creation time. For example: "organizations/{organization_id}/sources/{source_id}"
"resourceName": "A String", # For findings on Google Cloud resources, the full resource name of the Google Cloud resource this finding is for. See: https://cloud.google.com/apis/design/resource_names#full_resource_name When the finding is for a non-Google Cloud resource, the resourceName can be a customer or partner defined string. This field is immutable after creation time.